<?php
session_start();
require_once( 'configs/config.php' );
require_once( 'lib/db.php' );
require_once( 'lib/functions.php' );
require_once(SMARTY_DIR . 'Smarty.class.php');
$smarty = new Smarty();

if( (isset( $_SESSION[ 'UID' ] ) && $_GET[ 'id' ] == $_SESSION[ 'UID' ] ) || $_SESSION[ 'Level' ] == $config[ 'Admin' ] )
{
	$smarty->assign('logged_in', 'true');
	$smarty->assign('admin', 'true');
	$smarty->assign('self', 'true');
}
else
{
	header( 'Location: login.php' );
	exit;
}

$error = '';

if( $_SERVER['REQUEST_METHOD'] == 'GET' )
{
	$error .= '<li>Form was not submitted.</li>';
}
elseif( !$_GET['id'] )
{
	$error .= '<li>No ID was submitted.</li>';
}
else
{
	$id = $_GET['id'];

	$formFields = array( 'FirstName', 'LastName', 'Email', 'PhoneNumber', 'Photograph', 'AIM', 'YIM', 'MSN', 'Address');

	foreach( $formFields as $field )
	{
		$form[ $field ] = htmlentities( trim( $_POST[ $field ] ), ENT_QUOTES );
		$form[ $field ] = $db->escape( $form[ $field ] );
		if( $field == 'PhoneNumber' )
		{
			$form[ $field ] = ereg_replace ('[^0-9]+', '', $form[ $field ]);
		}
	}

	switch( $_FILES['Photograph']['error'] )
	{
		case UPLOAD_ERR_OK: break;
		case UPLOAD_ERR_NO_FILE: break;
		case UPLOAD_ERR_INI_SIZE: $error .= "<li>The uploaded file exceeds the upload_max_filesize directive (".ini_get("upload_max_filesize").") in php.ini.</li>"; break;
		case UPLOAD_ERR_FORM_SIZE: $error .= "<li>The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form.</li>"; break;
		case UPLOAD_ERR_PARTIAL: $error .= "<li>The uploaded file was only partially uploaded.</li>"; break;
		case UPLOAD_ERR_NO_TMP_DIR: $error .= "<li>Missing a temporary folder.</li>"; break;
		case UPLOAD_ERR_CANT_WRITE: $error .= "<li>Failed to write file to disk.</li>"; break;
		default: $error .= "<li>Unknown File Error.</li>";
	}

	if( $_FILES['Photograph']['error'] != UPLOAD_ERR_NO_FILE && $_FILES['Photograph']['type'] != 'image/jpeg' )
	{
		$error .= '<li>Photograph file can only be a jpeg file.</li>';
	}
	// check the file is less than the maximum file size
	else if( ( $_FILES['Photograph']['size'] / 1024 ) < $config['Image Size Limit'])
	{
		// prepare the image for insertion
		$imgData = addslashes( file_get_contents( $_FILES[ 'Photograph' ][ 'tmp_name' ] ) );

		if( $_FILES[ 'Photograph' ] == NULL )
		{
			// Insert into the database
			$query = 'UPDATE users SET FirstName = \'' .  $form['FirstName'] . '\', `LastName` = \'' . $form['LastName'] . '\', `Email` = \'' . $form['Email'] . '\', `PhoneNumber` = \'' . $form['PhoneNumber'] . '\', `AIM` = \'' . $form['AIM'] . '\', `YIM` = \'' . $form['YIM'] . '\', `MSN` = \'' . $form['MSN'] . '\', `Address` = \'' . $form['Address'] . '\' WHERE `UserUID` = \'' . $id .  '\'';
		}
		else
		{
			// Insert into the database
			$query = 'UPDATE users SET FirstName = \'' .  $form['FirstName'] . '\', `LastName` = \'' . $form['LastName'] . '\', `Email` = \'' . $form['Email'] . '\', `PhoneNumber` = \'' . $form['PhoneNumber'] . '\', `AIM` = \'' . $form['AIM'] . '\', `YIM` = \'' . $form['YIM'] . '\', `MSN` = \'' . $form['MSN'] . '\', `Address` = \'' . $form['Address'] . '\', `Photograph` = \''. $imgData . '\' WHERE `UserUID` = \'' . $id .  '\'';
		}

		$db->query( $query );
	}
	else
	{
		$error .= '<li>Photograph file size was too big! (The maximum size is ' . $config['Image Size Limit'] . 'kb)</li>';
	}
}

if( empty($error) )
	$smarty->assign('title', 'Account Updated');
else
	$smarty->assign('title', 'Error(s) Found');

$smarty->assign('error', $error);
$smarty->assign('id', $id);
$smarty->display('editAccountProcess.tpl');

// get all assigned template vars
//$all_tpl_vars = $smarty->get_template_vars();
//print_r($all_tpl_vars);
?>